Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/hqx3shOTD0QFr4I1tu2yAqM7KAw.roa
File: hqx3shOTD0QFr4I1tu2yAqM7KAw.roa (raw, json)
Hash identifier: PJ0hBFIUmxWc7v3dKkEqgItufcDf8UizXft5IhAyJ24=
Subject key identifier: 86:AC:77:B2:13:93:0F:44:05:AF:82:35:B6:ED:B2:02:A3:3B:28:0C
Certificate issuer: /CN=a0e381b6e76cb9520e8d8f56776eca0fe176cc40
Certificate serial: 018CC5DBFC6E7C17A8F1B18240D072E2712A
Authority key identifier: A0:E3:81:B6:E7:6C:B9:52:0E:8D:8F:56:77:6E:CA:0F:E1:76:CC:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oOOBtudsuVIOjY9Wd27KD-F2zEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/hqx3shOTD0QFr4I1tu2yAqM7KAw.roa
Signing time: Mon 01 Jan 2024 16:29:37 +0000
ROA not before: Mon 01 Jan 2024 16:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39650
IP address blocks: 185.161.36.0/22 maxlen: 24
185.229.28.0/24 maxlen: 24
185.229.29.0/24 maxlen: 24
185.229.30.0/24 maxlen: 24
185.229.31.0/24 maxlen: 24
185.164.75.0/24 maxlen: 24
185.164.74.0/24 maxlen: 24
2a0d:6600::/29 maxlen: 29
2a0a:d400::/29 maxlen: 29
2a06:5a40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/oOOBtudsuVIOjY9Wd27KD-F2zEA.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/oOOBtudsuVIOjY9Wd27KD-F2zEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/oOOBtudsuVIOjY9Wd27KD-F2zEA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:fc:6e:7c:17:a8:f1:b1:82:40:d0:72:e2:71:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0e381b6e76cb9520e8d8f56776eca0fe176cc40
Validity
Not Before: Jan 1 16:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86ac77b213930f4405af8235b6edb202a33b280c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:6a:76:eb:b6:a0:e2:cc:28:2f:ab:58:98:36:
03:10:ec:ef:1b:77:9e:15:b9:36:dc:b5:58:c2:21:
36:3d:cf:9e:96:4a:c8:e6:e8:d5:db:1e:88:45:c7:
55:a8:ec:1a:e0:09:38:42:40:96:92:5a:fa:ca:76:
18:e5:4e:0d:16:8b:c5:03:5f:b1:43:ae:b7:69:7b:
47:7c:eb:1e:65:02:57:6c:b7:6a:e3:b1:98:4c:66:
a9:a9:47:11:36:f0:51:76:8b:30:f2:4d:05:6d:2c:
65:89:8f:31:df:fa:8c:e6:bf:f7:ae:ea:cb:ae:e0:
f8:20:67:ed:08:8c:8c:07:0c:32:45:2e:58:c2:ae:
b1:8d:b6:d0:ad:a0:aa:af:e1:a4:ce:98:cd:6b:16:
f9:33:5c:e5:18:53:be:48:09:5a:50:b9:56:dd:d1:
0c:08:7b:c4:0d:a7:ab:e0:3d:34:81:84:4d:54:5d:
45:11:c7:5a:09:36:4f:e2:4e:38:5d:da:4a:c4:61:
33:d5:68:16:85:63:08:83:7e:79:be:87:bd:1c:e3:
98:7f:9b:78:ea:db:54:7c:84:d7:a8:52:72:f0:b8:
da:21:d3:6e:1e:76:6b:dc:e0:c7:b9:ee:0b:79:42:
9b:94:e2:3f:2d:a1:02:33:6a:ea:28:85:52:14:37:
0f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:AC:77:B2:13:93:0F:44:05:AF:82:35:B6:ED:B2:02:A3:3B:28:0C
X509v3 Authority Key Identifier:
keyid:A0:E3:81:B6:E7:6C:B9:52:0E:8D:8F:56:77:6E:CA:0F:E1:76:CC:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oOOBtudsuVIOjY9Wd27KD-F2zEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/hqx3shOTD0QFr4I1tu2yAqM7KAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/oOOBtudsuVIOjY9Wd27KD-F2zEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.36.0/22
185.164.74.0/23
185.229.28.0/22
IPv6:
2a06:5a40::/29
2a0a:d400::/29
2a0d:6600::/29
Signature Algorithm: sha256WithRSAEncryption
b5:2b:89:f3:bf:ea:47:36:2b:f9:71:53:fc:24:17:86:63:7e:
56:78:4a:80:af:96:10:b3:f1:9e:0d:0c:a6:6d:25:5e:d9:53:
ae:b1:96:59:b7:7a:6d:2e:54:3c:aa:82:55:a5:65:29:98:3b:
cc:d6:65:d7:8a:57:a4:16:74:9f:f7:da:46:f3:ad:f2:9d:ad:
55:db:1c:ea:d5:d1:fc:58:56:79:95:83:62:f9:47:c9:6c:7c:
4f:9d:8f:91:81:84:2b:de:ea:bb:35:3d:59:47:96:a6:cd:e3:
18:e8:24:a5:7d:27:1c:f9:23:55:06:0a:ca:ca:ba:3b:ec:6f:
e7:84:60:3c:bf:1f:f5:53:88:7e:7e:31:49:c8:83:80:f2:6e:
8e:a8:02:e1:c7:4e:bf:4f:1f:66:8f:f4:7c:b0:d4:e6:4e:1a:
07:8c:70:42:31:59:fa:2f:cf:d6:da:b8:5b:25:32:d1:74:d1:
3a:8e:60:b0:ea:cf:13:07:8c:de:57:63:91:04:41:3b:bb:5a:
b1:8f:0b:7f:e3:64:66:4e:54:88:c9:62:06:86:c1:78:46:ca:
f8:9c:35:7e:8f:6c:da:ce:eb:4f:ff:7e:2b:4c:a1:7d:53:5f:
29:ad:fd:ba:4e:ef:da:0f:51:52:fd:19:8c:51:f7:83:ea:9f:
a9:5a:42:c7
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzF2/xufBeo8bGCQNBy4nEqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZTM4MWI2ZTc2Y2I5NTIwZThkOGY1Njc3NmVjYTBmZTE3
NmNjNDAwHhcNMjQwMTAxMTYyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmFjNzdiMjEzOTMwZjQ0MDVhZjgyMzViNmVkYjIwMmEzM2IyODBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGp267ag4swoL6tYmDYDEOzvG3ee
Fbk23LVYwiE2Pc+elkrI5ujV2x6IRcdVqOwa4Ak4QkCWklr6ynYY5U4NFovFA1+x
Q663aXtHfOseZQJXbLdq47GYTGapqUcRNvBRdosw8k0FbSxliY8x3/qM5r/3rurL
ruD4IGftCIyMBwwyRS5Ywq6xjbbQraCqr+GkzpjNaxb5M1zlGFO+SAlaULlW3dEM
CHvEDaer4D00gYRNVF1FEcdaCTZP4k44XdpKxGEz1WgWhWMIg355voe9HOOYf5t4
6ttUfITXqFJy8LjaIdNuHnZr3ODHue4LeUKblOI/LaECM2rqKIVSFDcPNwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFIasd7ITkw9EBa+CNbbtsgKjOygMMB8GA1UdIwQY
MBaAFKDjgbbnbLlSDo2PVnduyg/hdsxAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb09PQnR1ZHN1VklPalk5V2QyN0tELUYyekVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS84ZTZmMDgtMzBmMC00NmRkLWE3YTEt
YTljMzg0MTI4ZDQyLzEvaHF4M3NoT1REMFFGcjRJMXR1MnlBcU03S0F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS84ZTZmMDgtMzBmMC00NmRkLWE3YTEtYTljMzg0MTI4ZDQy
LzEvb09PQnR1ZHN1VklPalk5V2QyN0tELUYyekVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQCuaEkAwQB
uaRKAwQCueUcMBsEAgACMBUDBQMqBlpAAwUDKgrUAAMFAyoNZgAwDQYJKoZIhvcN
AQELBQADggEBALUrifO/6kc2K/lxU/wkF4ZjflZ4SoCvlhCz8Z4NDKZtJV7ZU66x
llm3em0uVDyqglWlZSmYO8zWZdeKV6QWdJ/32kbzrfKdrVXbHOrV0fxYVnmVg2L5
R8lsfE+dj5GBhCve6rs1PVlHlqbN4xjoJKV9Jxz5I1UGCsrKujvsb+eEYDy/H/VT
iH5+MUnIg4Dybo6oAuHHTr9PH2aP9Hyw1OZOGgeMcEIxWfovz9bauFslMtF00TqO
YLDqzxMHjN5XY5EEQTu7WrGPC3/jZGZOVIjJYgaGwXhGyvicNX6PbNrO60//fitM
oX1TXymt/bpO79oPUVL9GYxR94Pqn6laQsc=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:04:18 2024 by rpki-client on console-ams.rpki-client.org